Apple to Close iPhone Security Hole That Police Use to Crack Devices

The friction came into public view after the F.B.I. could not access the iPhone of a shooter who killed 14 people in San Bernardino, Calif., in late 2015. A federal judge ordered Apple to figure out how to open the phone, prompting Timothy D. Cook, Apple’s chief executive, to respond with a blistering 1,100-word letter that said the company refused to compromise its users’ privacy. “The implications of the government’s demands are chilling,” he wrote.

Since then, two main companies have helped law enforcement hack into iPhones: Cellebrite, an Israeli forensics firm purchased by Japan’s Sun Corp. in 2006, and Grayshift, which was founded by a former Apple engineer in 2016. Law enforcement officials said they generally send iPhones to Cellebrite to unlock, with each phone costing several thousand dollars to open. In March, Grayshift began selling a $15,000 GrayKey device that police can use to unlock iPhones themselves.

Apple has closed loopholes in the past. For years, police used software to break into phones by simply trying every possible passcode. Apple blocked that technique by disabling iPhones after a certain number of wrong passcodes, but the Grayshift and Cellebrite software appear to be able to disable that Apple technology, allowing their devices to test thousands of passcodes, Mr. Green said.

Cellebrite declined to comment. Grayshift did not respond to requests for comment.

Opening locked iPhones through these methods has become more common, law enforcement officials said. Federal authorities, as well as large state and local police departments, typically have access to the tools, while smaller local agencies enlist the state or federal authorities to help on high-profile cases, they said.